๐จ CVE-2026-57975
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
๐@cveNotify
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
๐@cveNotify
๐จ CVE-2026-57981
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
๐@cveNotify
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
๐@cveNotify
๐จ CVE-2026-57983
Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.
๐@cveNotify
Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.
๐@cveNotify
๐จ CVE-2026-57984
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
๐@cveNotify
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
๐@cveNotify
๐จ CVE-2026-57985
Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
๐@cveNotify
Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
๐@cveNotify
๐จ CVE-2026-57986
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
๐@cveNotify
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
๐@cveNotify
๐จ CVE-2026-57988
Relative path traversal in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
๐@cveNotify
Relative path traversal in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
๐@cveNotify
๐จ CVE-2026-57991
Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network.
๐@cveNotify
Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network.
๐@cveNotify
๐จ CVE-2026-57992
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
๐@cveNotify
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
๐@cveNotify
๐จ CVE-2026-58276
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
๐@cveNotify
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
๐@cveNotify
๐จ CVE-2026-58284
Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
๐@cveNotify
Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
๐@cveNotify
๐จ CVE-2026-58285
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
๐@cveNotify
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
๐@cveNotify
๐จ CVE-2026-58288
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
๐@cveNotify
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
๐@cveNotify
๐จ CVE-2026-58294
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
๐@cveNotify
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
๐@cveNotify
๐จ CVE-2026-58522
Relative path traversal in Microsoft Edge for Android allows an unauthorized attacker to disclose information locally.
๐@cveNotify
Relative path traversal in Microsoft Edge for Android allows an unauthorized attacker to disclose information locally.
๐@cveNotify
๐จ CVE-2026-14797
A vulnerability was determined in CodeAstro Apartment Visitor Management System 1.0. This vulnerability affects unknown code of the file /apartment-visitor/edit-apartment.php. Executing a manipulation of the argument editid can lead to sql injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized.
๐@cveNotify
A vulnerability was determined in CodeAstro Apartment Visitor Management System 1.0. This vulnerability affects unknown code of the file /apartment-visitor/edit-apartment.php. Executing a manipulation of the argument editid can lead to sql injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized.
๐@cveNotify
๐จ CVE-2025-8591
The software accepts user-supplied input via a URL parameter without adequate output encoding before reflecting it back to the user's browser. This condition allows an attacker to inject malicious script content into pages served by the application.
By leveraging this weakness, an attacker can cause the user's browser to redirect to a malicious website, modify the UI of the webpage, or retrieve information from the browser. However, the impact is mitigated by the use of httpOnly flags on session-related cookies, preventing session hijacking.
๐@cveNotify
The software accepts user-supplied input via a URL parameter without adequate output encoding before reflecting it back to the user's browser. This condition allows an attacker to inject malicious script content into pages served by the application.
By leveraging this weakness, an attacker can cause the user's browser to redirect to a malicious website, modify the UI of the webpage, or retrieve information from the browser. However, the impact is mitigated by the use of httpOnly flags on session-related cookies, preventing session hijacking.
๐@cveNotify
Wso2
Security Advisory WSO2-2025-4343/CVE-2025-8591
Documentation for WSO2 Security and Compliance
๐จ CVE-2026-49297
Apache Airflow's Google provider operators `GCSToSFTPOperator` and `GCSTimeSpanFileTransformOperator` joined GCS object names returned by the bucket listing API directly to a destination filesystem path without normalisation or containment check. A user with write access to the source GCS bucket (typically a different trust principal than the DAG author โ partner uploads, ingest-only service accounts, public-data buckets) could create an object whose name contains `..` segments and cause the DAG run to write the downloaded blob outside the configured destination (the SFTP `destination_path` for `GCSToSFTPOperator`; the worker-local temp directory for `GCSTimeSpanFileTransformOperator`), enabling overwrite of arbitrary files on the SFTP server or the worker host. Affects deployments that ingest from buckets writable by less-trusted principals. Users are advised to upgrade to `apache-airflow-providers-google` 22.2.1 or later.
๐@cveNotify
Apache Airflow's Google provider operators `GCSToSFTPOperator` and `GCSTimeSpanFileTransformOperator` joined GCS object names returned by the bucket listing API directly to a destination filesystem path without normalisation or containment check. A user with write access to the source GCS bucket (typically a different trust principal than the DAG author โ partner uploads, ingest-only service accounts, public-data buckets) could create an object whose name contains `..` segments and cause the DAG run to write the downloaded blob outside the configured destination (the SFTP `destination_path` for `GCSToSFTPOperator`; the worker-local temp directory for `GCSTimeSpanFileTransformOperator`), enabling overwrite of arbitrary files on the SFTP server or the worker host. Affects deployments that ingest from buckets writable by less-trusted principals. Users are advised to upgrade to `apache-airflow-providers-google` 22.2.1 or later.
๐@cveNotify
GitHub
Validate destination paths derived from GCS object names by potiuk ยท Pull Request #67667 ยท apache/airflow
Two operators in the Google provider compute filesystem destination paths from GCS object names returned by list*() / list_by_timespan(), without normalizing the join result. Because GCS object nam...
๐จ CVE-2026-4249
The throttling event handling mechanism in multiple WSO2 products accepts user-supplied JSON payloads without sufficient validation of their structure and content. This allows an unauthenticated remote attacker to inject malicious JSON data that can lead to a persistent denial of service condition.
Successful exploitation of this vulnerability can disrupt the API Gateway, preventing legitimate API traffic from being processed and impacting complete service availability. The denial of service is persistent, requiring manual intervention to restore normal operations.
๐@cveNotify
The throttling event handling mechanism in multiple WSO2 products accepts user-supplied JSON payloads without sufficient validation of their structure and content. This allows an unauthenticated remote attacker to inject malicious JSON data that can lead to a persistent denial of service condition.
Successful exploitation of this vulnerability can disrupt the API Gateway, preventing legitimate API traffic from being processed and impacting complete service availability. The denial of service is persistent, requiring manual intervention to restore normal operations.
๐@cveNotify
Wso2
Security Advisory WSO2-2026-5236/CVE-2026-4249
Documentation for WSO2 Security and Compliance
๐จ CVE-2025-15667
A vulnerability was determined in GPAC up to 2.5-DEV. This vulnerability affects the function gf_isom_nalu_sample_rewrite of the file src/isomedia/avc_ext.c of the component MP4Box. This manipulation of the argument nalu_out_bs causes double free. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized. Patch name: f29f955f2a3b5e8e507caad3e52319f961bf37bf. To fix this issue, it is recommended to deploy a patch.
๐@cveNotify
A vulnerability was determined in GPAC up to 2.5-DEV. This vulnerability affects the function gf_isom_nalu_sample_rewrite of the file src/isomedia/avc_ext.c of the component MP4Box. This manipulation of the argument nalu_out_bs causes double free. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized. Patch name: f29f955f2a3b5e8e507caad3e52319f961bf37bf. To fix this issue, it is recommended to deploy a patch.
๐@cveNotify
๐จ CVE-2025-15668
A vulnerability was identified in GPAC up to b40ce70f5. This issue affects the function sgpd_del_entry of the file src/isomedia/box_code_base.c of the component MP4Box. Such manipulation of the argument data leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit is publicly available and might be used. The name of the patch is f29f955f2a3b5e8e507caad3e52319f961bf37bf. It is advisable to implement a patch to correct this issue.
๐@cveNotify
A vulnerability was identified in GPAC up to b40ce70f5. This issue affects the function sgpd_del_entry of the file src/isomedia/box_code_base.c of the component MP4Box. Such manipulation of the argument data leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit is publicly available and might be used. The name of the patch is f29f955f2a3b5e8e507caad3e52319f961bf37bf. It is advisable to implement a patch to correct this issue.
๐@cveNotify